Anti-Virus Settings

Anti-Virus Configuration

Anti-Virus can be enabled/disabled and configured in the Policy.

Anti-Virus is an add-on that requires a license that is not included with the Deploy Faronics license. See Setup User Profile and Organization Setting.

Enabling Anti-Virus

To Enable Anti-Virus, you need to create a Windows Policy as follows:

1. Select the Control Grid tab on the top menu bar.

2. Navigate to the Policies tab.

3. Click the CREATE NEW POLICY drop-down menu.

4. Select WINDOWS POLICY from the menu.

5. Enter a name for your new Policy.

You can configure other settings here, but we will skip straight to the Anti-Virus configuration for this example. See Create a Windows Policy for further information.

6. Select Anti-Virus from the left-hand side menu.

7. Click the ENABLE ANTI-VIRUS button.

Configuring Anti-Virus

Once enabled, the Anti-Virus settings need configuring: Active Protection, Default Action for Cleanup Actions, Scan Schedules, Scan Options, Advanced Options, Scan Exception, USB Devices, and Remove Anti-Virus.

Anti-Virus Settings Descriptions

1. Click Enable Active Protection to enable/disable it depending on your preference.

2. Click Allow user to switch off Active Protection to enable/disable it depending on your preference.

3. Click Show Active Protection Alert to enable/disable it depending on your preference.

If this is the only setting you are configuring, click SAVE, otherwise, proceed to the next settings.

Configuring Cleanup Action

Next, you will need to configure the Cleanup Actions for your Policy.

Cleanup Action Descriptions

4. Click Cleanup Action to expand the options.

5. Either select the Clean/Quarantine or Clean/Delete option depending on your preference.

6. Click the Delete items from quarantine that are older than X days to enable/disable it.

7. If you enabled the Delete items from quarantine option in the previous step, enter the number of days after which quarantined files can be deleted (between 1 and 365).

If you don't wish to configure any other settings, click SAVE; otherwise, proceed to the next settings.

Configuring Scan Schedule

Next, you will need to configure the Scan Schedule for your Policy.

Scan Schedule Descriptions

Enable/Disable the Quick Scan and Deep Scans here. he schedule can also be edited, configuring the Start time, Stopping when the scan is complete (or at a specified time), days of the week to run the scan. To configure a scan schedule, select the edit option to the right of it.

8. Click Scan Schedule to expand the options, then click Edit next to the Quick Scan.

9. Enable or disable the Quick Scan by clicking the box.

10. Either choose to stop the scan when its complete or enter a time for the scan to stop.

11. Select the days to run the virus scan on.

12. Click UPDATE to save your changes

13. OR click CANCEL to forget all changes made and return to the previous screen.

Repeat these steps for the Deep Scan.

If you don't wish to configure any other settings, click SAVE; otherwise, proceed to the next settings.

Configuring Scan Options

Next, you will need to configure your scan options as follows:

Scan Options Descriptions

14. Click Scan Options to expand the options.

15. Enter a number of minutes to randomize the scheduled start time; the default setting is 2.

16. Choose how to respond to a missed scan; either don't perform a scan, perform a quick scan after x minutes after startup, or prompt user to perform a quick scan.

If you don't wish to configure any other settings, click SAVE; otherwise, proceed to the next settings.

Configuring Advanced Options

Next, configure the Advanced Options for the Anti-Virus in your Policy:

Advanced Options Descriptions

17. Click Advanced Options to expand the options.

18. Select the Deep System Scan options (Default are Enable RootKit and Scan Inside Archives, Scan Registry and Scan Running Processes are mandatory).

19. Select the Custom Anti-Virus scan advanced options (default sets a file size limit to 100 MB).

If you don't wish to configure any other settings, click SAVE; otherwise, proceed to the next settings.

Configuring Scan Exceptions

Next, you can add a file or folder that is known to be safe to the exceptions list. This will prevent the virus scanner from scanning the file/folder.

Scan Exception

Specify the files or folders that are known to be safe. By adding the files or folders, Faronics anti-virus will not report the files as malicious or infected. The list displays the items that will not be reported as a virus.

20. Click Scan Exceptions to expand the options.

21. Click the + button.

22. Select either File by full path or Entire Folder from the drop-down list.

23. Click BROWSE to locate your file or folder.

24. Click OK to add the exception.

If you don't wish to configure any other settings, click SAVE; otherwise, proceed to the next settings.

Configuring USB Devices

Next, you can configure how to handle USB drives when they get inserted.

USB Devices Options Descriptions

25. Click USB Devices to expand the options.

26. Enable/Disable Scan USB drives Upon Insertion (default is enabled).

27. If Scan USB drives is enabled, choose how to handle it either interrupt active scan for USB scan or Do not perform a scan if another scan is in progress.

28. If Scan USB drives is enabled, enable/disable the Suppress USB scan in progress dialogue.

If you don't wish to configure any other settings, click SAVE; otherwise, proceed to the next settings.

Remove Anti-Virus

The final option is to Remove Anti-Virus from all computers on this Policy; only enable this if you wish to remove the anti-virus software from the computers that use this Policy.

The new Policy's Anti-Virus has been configured. If this is the only or final setting you are configuring, click SAVE; otherwise, proceed to the next settings (Firewall Settings).

Once saved, to make any changes to this configuration, navigate to the Policies tab, then locate the Policy by name in the grid, select it and click the EDIT POLICY button on the top menu bar.

Last updated